Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Personal domain blocked #4846

Open
2 of 3 tasks
teddybeermaniac opened this issue Jan 12, 2025 · 5 comments
Open
2 of 3 tasks

Personal domain blocked #4846

teddybeermaniac opened this issue Jan 12, 2025 · 5 comments
Assignees
@hagezi
Labels
allow Allow domain(s) fixed-pending-release Will be fixed in the next release

Comments

@teddybeermaniac
Copy link

Which AdBlocker/DNS cloud service do you use?

NextDNS

Other

No response

ControlD users

  • IMPORTANT - I assure that I have not set the Block Response in ControlD to Custom or Branded and can confirm that the problem still occurs.

NextDNS users

  • IMPORTANT - I can assure that I disabled the block page in NextDNS and can confirm that the problem still occurs.

With which block list(s) does the problem occur?

Threat Intelligence Feeds, Threat Intelligence Feeds medium

Which domain(s) should be unblocked?

przybys.eu

Why should the domain(s) be unblocked?

Hi, since commit d517b52 my personal domain - przybys.eu - is included in your Threat Intelligence (medium & big) lists:
git blame
I'm not sure why it happened as the site is just a static HTML page with a few links to my profiles in some popular services:
przybys.eu

Privacy

  • I confirm that the report does not contain any private information.
@teddybeermaniac teddybeermaniac added the allow Allow domain(s) label Jan 12, 2025
@hagezi
Copy link
Owner

hagezi commented Jan 12, 2025

Via @MikhailKasimov phish feed

@MikhailKasimov
Copy link

Fixed: MikhailKasimov/validin-phish-feed@5eefa13

Sorry for inconvenience!

@teddybeermaniac
Copy link
Author

Thanks @hagezi and @MikhailKasimov for a quick response and fix 🙂.

Out of curiosity I took a look at your list @MikhailKasimov and see that my domain was listed under # Reference: https://pilot.validin.com/detail?type=hash&find=38b4930f1180292d1f82d7e7f9bac8cd#tab=host_pairs (# 2024-12-28). As the URL is not publicly accessible I looked around for the hash and I see that it corresponds to Cloudflare's generic 400 Bad Request page. Am I right to assume that there might be more false positives on your list if any of the other domains returned that response?

Screenshot

Base64 encoded response corresponding to the hash:

PGh0bWw+DQo8aGVhZD48dGl0bGU+NDAwIEJhZCBSZXF1ZXN0PC90aXRsZT48L2hlYWQ+DQo8Ym9k
eT4NCjxjZW50ZXI+PGgxPjQwMCBCYWQgUmVxdWVzdDwvaDE+PC9jZW50ZXI+DQo8aHI+PGNlbnRl
cj5jbG91ZGZsYXJlPC9jZW50ZXI+DQo8L2JvZHk+DQo8L2h0bWw+DQo=

@MikhailKasimov
Copy link

Am I right to assume that there might be more false positives on your list if any of the other domains returned that response?

Yes, you are generally correct. Revoking entire record: MikhailKasimov/validin-phish-feed@6624f01

@hagezi hagezi added the fixed-pending-release Will be fixed in the next release label Jan 12, 2025
@github-actions GitHub Actions
Copy link

Thank you for your support. The issue is scheduled to be fixed in the next release. You will be notified when the issue is finally fixed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hagezi hagezi

Labels
allow Allow domain(s) fixed-pending-release Will be fixed in the next release
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MikhailKasimov @teddybeermaniac @hagezi